Oval Definition:oval:org.mitre.oval:tst:35054
Comment:qt-designer is earlier than 1:3.3.3-13.RHEL4
Type:rpminfo_testNamespace:linux
Check_Existence:at_least_one_existsCheck:at least one
State Operator:AND
References
Object:oval:org.mitre.oval:obj:14074
State:oval:org.mitre.oval:ste:9643
Referencing Definitions
Definition IDClassTitleLast Modified
oval:org.mitre.oval:def:11159
V
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
2013-04-29
oval:org.mitre.oval:def:11510
V
The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.
2013-04-29
BACK